TIP: Use Markdown or, <pre> for multi line code blocks / <code> for inline code.
These forums are read-only and for archival purposes only!
Please join our new forums at discourse.kohanaframework.org
  • I want to realize it (or first sketch) and before it want to know your opinion.

    Shall it
    - extend auth library (auth class and driver extensions)
    - suppliment it externally
    - be a full separate module with its own users and roles (with blackjack and hookers:))
  • (This is simply MY opinions :D)

    no dont extend the auth library, it is definitely best to rewrite it as our own module. The inbuilt auth is just an example and not suitable for enterprise level stuff.

    I personally think it is a good idea to abstract the user information and the ACL as well.

    • So you would have one user model that would handle the user and their profiles and any custom data (and hopefully be extensible)
    • Then we might have an ACL model that either extended the above model or supplemented it: and was itself extensible to offer level based, role based or group based access.
    • The we have a library that handles logging in and also (via a hook maybe) preloading the basic use model for logged in users (for access in controllers or views etc.). Note that I DONT mean that this lib handles registration. Just purely login/logout and the data loading.

    We also might have a helper class that could do hashing (similar to the great method Shadowhand came up with in the included Auth module) and other supplementary stuff :)

    That is how I would do it anyway :D hope it helps!

  • Hi All

    I started working on an ACL/Auth system. I've gotten fairly far into it, so feel free to use it as needed.

    Click

    -Tap
  • Posted By: Errantto offer level based, role based or group based access.


    Let's speak about it :) I always thought, that role-based model is most common and include other models.

    (for example group-based model results from role based, when roles are not intersectable in users space).
  • Well yes but some people prefer purely group based, some, even, might want just level based access..

    Somethign that is modular will be more useful.

    Also you can abstract the roles so that they can be used for groups or users: with the advantage that you can also use them for other things as well (cant think off hand as an example).

    As to:

    I always thought, that role-based model is most common and include other models.

    I would say 90% of the sites I have built were more suited to either group or (more often) level based :) but I concede your point. Iti s popular - but no reason not to support the others.. right?

  • I think I read that someone had ported the Zend acl to Kohana....let me just check....could be good for inspiration maybe....I think that the Zend Acl is very nice...

    update: yes,ixmatus has made a port this thread has a link to a svn repo

  • Yes, this module is very good, I'll use it in my current project. Thanks to its author:)

    But there is only acl, not any authenfication abilities. Some variants:

    - We use auth for authenfication, zend_acl for acl (can we use it? i've not found any license notifications)
    - We make new auth+acl module.

    It's quite important, because this module will be used in most of Hanami high-level modules.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion